A vulnerability scanner for container images and filesystems
GUAC aggregates software security metadata into a high fidelity graph database.
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
Houdini recipe files repository.
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
An easy to use and feature-rich PROS template for the Vex V5
A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)
Semantic SBOM/CBOM diff, quality scoring, and TUI analysis tool for CycloneDX/SPDX — covering component changes, dependency shifts, license conflicts, vulnerabilities, cryptographic inventory grading, and PQC compliance (CNSA 2.0, NIST IR 8547).
A tool to create, transform and attest VEX metadata
An LDraw™ editor for LEGO® style digital building instructions.
Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
houdini hda tools focused on procedural modeling environments
Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects
Add a description, image, and links to the vex topic page so that developers can more easily learn about it.
To associate your repository with the vex topic, visit your repo's landing page and select "manage topics."